added rate limits to each room by author group and author #245
Conversation
|
Ideally, we would make it into a per-room setting in the future. Unfortunately, room settings arent really a thing right now... |
|
The original issue does state that limits should be "per room." If you could make that change, it'd be great! |
|
|
Sorry, I meant configured per room, as in, making an adjustable setting for each room |
|
so you mean change the db so that the admin can configure per room limits? |
backend/src/models/requestsModel.ts
Outdated
| const pendingUser = await db.request.findMany({ | ||
| where: { | ||
| authorUtorid: user.utorid, | ||
| status: RequestStatus.pending, | ||
| roomName: request.roomName, | ||
| } | ||
| }) |
There was a problem hiding this comment.
This info can be fetched when fetching this user, try limiting the number of DB queries
backend/src/models/requestsModel.ts
Outdated
| const pendingGroup = await db.request.findMany({ | ||
| where: { | ||
| groupId: request.groupId, | ||
| status: RequestStatus.pending, | ||
| roomName: request.roomName, | ||
| } | ||
| }) |
backend/src/models/requestsModel.ts
Outdated
| roomName: request.roomName, | ||
| } | ||
| }) | ||
| if (pendingUser.length > (room?.capacity || 10)) { |
There was a problem hiding this comment.
| if (pendingUser.length > (room?.capacity || 10)) { | |
| if (pendingUser.length > (room?.requestLimit || 10)) { |
backend/src/models/requestsModel.ts
Outdated
| roomName: request.roomName, | ||
| } | ||
| }) | ||
| if (pendingGroup.length > (room?.capacity || 10)) { |
There was a problem hiding this comment.
| if (pendingGroup.length > (room?.capacity || 10)) { | |
| if (pendingGroup.length > (room?.requestLimit || 10)) { |
…ckPu/hacklab-booking into add-rate-limits-per-room
backend/src/models/requestsModel.ts
Outdated
| } | ||
| if (userFetched.requests.length > room.requestLimit) { | ||
| return { | ||
| status: 403, |
backend/src/models/requestsModel.ts
Outdated
|
|
||
| if (groupFetched.requests.length > room.requestLimit) { | ||
| return { | ||
| status: 403, |
There was a problem hiding this comment.
should this be http 429: too many requests
| if (userFetched.requests.length >= room.requestLimit) { | ||
| return { | ||
| status: 429, | ||
| message: 'User has too many pending requests.', | ||
| } | ||
| } | ||
| if (userFetched.groups[0].requests.length >= room.requestLimit) { | ||
| return { | ||
| status: 429, | ||
| message: 'Group has too many pending requests.', | ||
| } | ||
| } | ||
|
|
There was a problem hiding this comment.
| if (userFetched.requests.length >= room.requestLimit) { | |
| return { | |
| status: 429, | |
| message: 'User has too many pending requests.', | |
| } | |
| } | |
| if (userFetched.groups[0].requests.length >= room.requestLimit) { | |
| return { | |
| status: 429, | |
| message: 'Group has too many pending requests.', | |
| } | |
| } | |
| if (userFetched.requests.length >= room.requestLimit || userFetched.groups[0].requests.length >= room.requestLimit) { | |
| return { | |
| status: 429, | |
| message: 'User has too many pending requests.', | |
| } | |
| } | |
added rate limits on the number of pending requests for on a room for each user and group
Note: still have not created a constant for the maximum number of pending requests (it's a hardcoded value).